Main research areas at the department of information networks

The national law about cybersecurity č 69/2018 Z.z defines the term “Cybersecurity is a state, in which the networks and information systems are able to a certain degree of reliability withstand arbitrary activity, with may threaten availability, integrity or privacy of stored, transmitted or processed data or related services provided or made accessible via those networks and information systems.”

The ability to withstand arbitratry activity, which may threaten security attributes, at a certain level of reliability requires system approach. The challenge for researchers is to create a security system on different levels: at the level of organization, at the level of infrastructure, at the level of a service or an application. The security system for the required security attributes of the relevant domain specifies technical solutions able to withstand a given threat. Thus the development of a security system requires an architectural design, which will encompass all views of interested parties into a single design document. The architecture of security system under research at the Department of information networks is shown in the figure. The approach is divided into three levels representing views on network and information system security by different members of our Department.

Cloud computing

 

The view of cloud computing encompasses the level of infrastructure and the structural level. Infrastructural level respresents technical solutions for cloud and structural level represents provision of cloud services.
Technical solutions are aimed at virtualization of the end systems (Linux, Windows) and network equipment (Cisco, Juniper, MicroTik, …).
The development of cloud services is aimed at security as a service – SECaaS. The development is done according to norms ISO/IEC/IEEE 42010 for system and software engineering in agreement with the norm ISO/IEC 27000. The aim is to create a methodology for development of SECaaS and its software support for use in an arbitrary implementation environment.

More of our results and current activities can be found in a separate profile of the research group “Cloud computing and virtualization”.

Data Management

 

The data obtained by monitoring network are inseparable from a cybersecurity solution. In our research group we attack the following problems:

  • collection, storage and processing of network data, which can be used for forensic activity and for creating datasets
  • creation of complex and credible datasets, which are needed for training and testing of new methods for detection of network attacks and anomalies
  • effective monitoring, analysis of data and its visualization
  • management of data flow for faster routing in IP networks

The need to solve these questions and the results we obtained can be found in an independent research profile of the group “Data management”.

Machine Learning

 

The viewpoint of artificial intelligence supplements existing security mechanisms, in which a cybersecurity specialist determines signatures of known attack mechaisms. We focus on detectors of malicious activity and anomalies in high speed networks implemented using machine learning. These methods can uncover even unknown types of attack and anomalies that may occur in the future. Our view at machine learning methods is shown in our own profile “Machine learning – detection of anomalies and explainability.”

Implementation of method of machine learning can be done using software and/or with hardware support.

  1. graphical computing unit (GPU)
  2. field programmable gate array (FPGA)
  3. massively parallel memristor crossbars

In so far the second type of implementation, a programmable logic circuit based on logic functions can provide programs in FPGA. When compared with programs stored as data in memory this approach provides higher throughput. On the other hand the flexibility of this approach is limited and therefore it is suitable only for selected specific applications. The same holds for detection of security risks, where it is possible to analyze a large amount of data in high speed traffic. Communication between FPGA and a central processing unit is carried through a bus – Peripheral Component Interconnect (PCI) Express and thus it does not represent a bottleneck for adjustment of processing logic, and this adjustment can be carried out in real time.

With regards to the third kind of implementation with massively parallel memristive circuits, our current results and future research directions can be found in the profile “Implementation of machine learning using memristive circuits”.

 

Machine learning implementation by memristive circuits

Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

References

[1] Systems and software engineering  ISO/IEC/IEEE 42010:2011, http://www.iso-architecture.org/ieee-1471/
[2] Model Driven Architecture, omg/00-11-05,  https://www.omg.org/mda/
[3] Drozdová M. a kol. Transformation in Model Driven Architecture, In: Information Systems architecture and technology, proceedings of 36th conference ISAT 2015. Part I Springer 2016 ISBN 987-3-319-28553-5, s. 193-203

Projects

NFP313010S242, Creation of an equipment for automatic and manual collection of information assets and their subsequent evaluation using the Monte Carlo method

Project leader:

Unassigned project leader

Increasing the security of communication network infrastructure

At present, we can observe a massive digital transformation of communication infrastructures and internal or external services of organizations from various fields of technology and industry into cloud environments, not excluding the management of these systems. However, implementing these modern solutions while achieving the expected level of quality and availability brings many new challenges in […]

KEGA – 026TUKE-4/2021 – Methodical and content innovation of teaching selected subjects in the field of information and communication technologies with an orientation for the needs of practice based on the use of modern video conferencing and collaboration tools

The aim of the project is a methodological and content innovation of teaching ICT subjects at three universities, which are focused on the area of ​​computer networks with specific attention to the integration of modern video conferencing and collaborative tools. The project responds to the requirement of practice and employers that graduates of technical universities […]

Project leader:

Mgr. Jana Uramová, PhD.

KEGA – 051ŽU-4/2021 – Technologies of private cloud environments in higher education

We can say that there is another historical breakthrough, which will significantly affect the area of ​​use and deployment of IT in private and public sector. This is characterized by an increase in the use of virtualization and its extensions, which include Cloud computing (CC). Many companies are now completely moving their own server infrastructure […]

Security audit of cyber security of ŽT, a.s.

Description Expert opinion. Date from / to: 1.5.2020 / 21.10.2020

Project leader:

prof. Ing. Tomáš Loveček, PhD.

NFP313010W988 – Research in the SANET network and possibilities of its further use and development